<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

New Gartner Report Identifies Cybersecurity Control Failure as #1 Executive Concern for 2021


With a variety of risks growing out of the pandemic, cybersecurity control failures was listed as the top executive concern during Q1 2021. According to the Gartner Emerging Risks Monitor Report, 67% of senior executives stated that the risk of cybersecurity control failure is their number one concern.

The Gartner poll consisted of 165 senior-level executives of different industries and regions, reflecting that these risks are prevalent concerns across the board. Second to cybersecurity risk, “the new working model” was cited as a top emerging risk. All top five concerns were internal risks, with remote talent management, organizational cultural degradation, and strategic corrections rounding out the list of pressing concerns according to executives. This is not to say that there is any shortage of external risks impacting operational activities, but the risk areas highlighted show just how much COVID-19 has impacted businesses and their future operations in a digital-first world.

For more information on Cyber and IT Risk Management post-COVID-19, download Gartner’s NEW Hype Cycle for Cyber & IT Risk Management report.

“Many organizations were forced to implement quick fixes to serious operational gaps as a result of their initial pandemic responses,” said Matt Shinkman, Vice President with the Gartner Risk and Audit Practice. “Nowhere has that been more apparent than in cybersecurity policies that have prioritized on-premises security over secure remote work access. Executives responsible for these areas are realizing that the time to enact more sustainable and robust policies is now.” 

With the pandemic and mandated lockdowns spurring a rapid switch to remote work setups, IT and security teams had to hastily retrofit their risk management strategies to accommodate remote work access and expand their VPN network for the whole enterprise. Integrated risk management has come into clear focus for organizations looking to reinvent risk management across all layers including technical to strategic. Loosely secured remote work environments have been the root cause of greater cybersecurity control concerns. 

According to the poll, most executives agree that as remote work setups become more of a permanent feature of work environments - security and IT teams need to improve on securing the network and remote access. In order to remediate certain risks, Gartner recommends implementing an identity-first security protocol and transferring endpoint protection services to the cloud. 

Following protracted vaccine rollout and reputational risks from citizen journalism, compromised cybersecurity controls also ranked third in “risk velocity” in an alternative report metric that was measured. Gartner assessed risk velocity by evaluating executive polling data with data on the potential impact and growing speed of the risk. 

“Risk velocity can help executives see blind spots of emerging risks that might be moving towards an organization quickly, but aren’t appreciated yet by their peers,” said Mr. Shinkman. “However, in the case of cybersecurity risk, it’s good to see that the level of awareness among executives matches the severity of the risk facing their organizations.”

You may also like

Compliance and Regulations for ...
on January 9, 2023

Compliance for many cybersecurity programs has been the cornerstone and the catalyst for why many programs exist in the first place. Since the rise of the information technology ...

Cyber Risk Quantification: Metrics ...
on January 6, 2023

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, ...

Padraic O'Reilly
Cybersecurity Maturity Models You ...
on December 30, 2022

Cybercrime has forced businesses worldwide into paying billions of dollars yearly. As more of the population becomes dependent on technology, the fear of cyber attacks continues ...

Top 10 Risks in Cyber Security
on December 23, 2022

Increasing cyber security threats continue creating problems for companies and organizations, obliging them to defend their systems against cyber threats. According to research ...

Governance and Process Automation
on December 21, 2022

Any enterprise operating at scale understands the need for standardization and strong corporate governance. Having served Fortune 50 companies for decades, I have seen the ...

Jerry Layden
Introducing Crosswalking Templates
on December 19, 2022

Crosswalking can be a handy tool to view control performance for a single asset/system against multiple frameworks. One can complete an assessment using one framework by ...